Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cRi0Q87JsyRcacVTWkS3Dllx3Gs.roa
File: cRi0Q87JsyRcacVTWkS3Dllx3Gs.roa (raw, json)
Hash identifier: lRgyTlAGwq3D1Jwa0aWZZvld5BSMeNImdDDCFQAhUq8=
Subject key identifier: 71:18:B4:43:CE:C9:B3:24:5C:69:C5:53:5A:44:B7:0E:59:71:DC:6B
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA19771E9706A5237E495A79F18C33
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cRi0Q87JsyRcacVTWkS3Dllx3Gs.roa
Signing time: Sun 01 Jan 2023 05:24:44 +0000
ROA not before: Sun 01 Jan 2023 05:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 45.138.79.0/24 maxlen: 24
45.135.9.0/24 maxlen: 24
45.135.11.0/24 maxlen: 24
45.136.217.0/24 maxlen: 24
45.136.219.0/24 maxlen: 24
45.138.77.0/24 maxlen: 24
45.139.33.0/24 maxlen: 24
45.139.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 13:44:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:19:77:1e:97:06:a5:23:7e:49:5a:79:f1:8c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7118b443cec9b3245c69c5535a44b70e5971dc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:88:41:02:bf:72:66:7f:3c:83:29:69:54:00:
4c:c7:8c:22:e5:50:c3:4d:fc:fb:93:f1:d5:d8:92:
dc:ea:f5:45:11:da:5e:40:3d:e4:4e:db:a4:11:5c:
0d:6f:e2:1b:76:de:ea:83:7d:a2:b9:62:bc:b2:88:
93:24:f3:b3:7e:d9:af:79:19:25:8d:01:6a:a0:7a:
a6:a4:ff:54:de:bd:c5:c7:4f:22:01:fc:cd:7a:60:
67:97:57:27:b1:d5:4d:76:bc:33:ff:ed:e4:bd:90:
d8:bc:2d:91:a9:95:d1:91:43:d1:e6:f9:2c:94:65:
e4:dd:0a:36:08:a2:6f:65:95:0c:f2:07:87:f7:69:
ba:e7:56:00:43:42:b1:65:2e:84:97:93:45:78:72:
24:27:f3:1c:66:25:8e:db:2c:5a:cf:f7:a8:10:25:
c7:e6:fb:a6:bd:c0:09:ab:d9:7d:74:b5:48:9e:7f:
e3:58:5a:68:24:24:92:db:67:b9:bf:e4:26:fa:bb:
5c:24:53:ae:5d:f6:b9:11:0f:a6:1b:3f:0e:cd:90:
41:88:40:a1:14:c0:43:4a:5e:08:f6:76:37:0d:91:
0e:a2:a9:16:df:f5:04:c5:9a:0e:90:1a:b9:f3:53:
d9:b3:85:92:b7:4a:ee:8d:c7:e6:48:6e:17:98:fc:
b8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:18:B4:43:CE:C9:B3:24:5C:69:C5:53:5A:44:B7:0E:59:71:DC:6B
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/cRi0Q87JsyRcacVTWkS3Dllx3Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.9.0/24
45.135.11.0/24
45.136.217.0/24
45.136.219.0/24
45.138.77.0/24
45.138.79.0/24
45.139.33.0/24
45.139.35.0/24
Signature Algorithm: sha256WithRSAEncryption
09:80:e7:08:40:16:7a:56:f7:85:6f:3c:84:23:a5:2a:ec:3f:
d0:a2:24:88:55:64:90:eb:fb:86:0d:61:d6:59:87:5f:31:17:
c4:9b:3b:b3:bc:44:bb:50:18:a4:10:d7:06:40:69:cb:74:6b:
78:57:30:06:c7:e8:a1:8f:be:28:93:91:a6:8d:3b:3e:ec:72:
a8:4a:35:52:fe:8e:b4:61:e7:d5:a9:0c:15:0d:62:ef:6c:4b:
64:f5:fa:04:6f:1e:9a:00:39:84:41:8d:9d:0d:d0:0f:7f:a4:
e4:29:70:42:e9:21:94:61:b4:b7:34:72:06:6a:39:11:07:f1:
97:68:5b:f8:73:e4:b5:d9:f4:14:8e:3e:3a:6f:7c:56:6a:3c:
d7:46:f0:ed:16:07:4d:26:f9:8b:ad:67:ac:4e:12:da:47:82:
32:7d:55:1e:df:22:b1:72:ef:b9:21:75:75:19:da:5e:79:d3:
68:d5:87:3b:ed:71:7a:db:05:da:a2:cc:9f:40:67:48:91:44:
52:eb:71:70:96:40:a1:ea:8c:e4:06:b7:ce:f9:d1:d5:bb:f5:
c4:82:42:40:ee:fb:cf:f8:73:12:56:ff:a9:90:de:cb:a3:66:
69:83:21:33:7c:a7:2a:e6:22:51:db:d8:a3:6c:dd:da:0e:fa:
ba:63:91:7b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVryhl3HpcGpSN+SVp58YwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE4YjQ0M2NlYzliMzI0NWM2OWM1NTM1YTQ0YjcwZTU5NzFkYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIhBAr9yZn88gylpVABMx4wi5VDD
Tfz7k/HV2JLc6vVFEdpeQD3kTtukEVwNb+Ibdt7qg32iuWK8soiTJPOzftmveRkl
jQFqoHqmpP9U3r3Fx08iAfzNemBnl1cnsdVNdrwz/+3kvZDYvC2RqZXRkUPR5vks
lGXk3Qo2CKJvZZUM8geH92m651YAQ0KxZS6El5NFeHIkJ/McZiWO2yxaz/eoECXH
5vumvcAJq9l9dLVInn/jWFpoJCSS22e5v+Qm+rtcJFOuXfa5EQ+mGz8OzZBBiECh
FMBDSl4I9nY3DZEOoqkW3/UExZoOkBq581PZs4WSt0rujcfmSG4XmPy4bwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHEYtEPOybMkXGnFU1pEtw5ZcdxrMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvY1JpMFE4N0pzeVJjYWNWVFdrUzNEbGx4M0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYcJAwQA
LYcLAwQALYjZAwQALYjbAwQALYpNAwQALYpPAwQALYshAwQALYsjMA0GCSqGSIb3
DQEBCwUAA4IBAQAJgOcIQBZ6VveFbzyEI6Uq7D/QoiSIVWSQ6/uGDWHWWYdfMRfE
mzuzvES7UBikENcGQGnLdGt4VzAGx+ihj74ok5GmjTs+7HKoSjVS/o60YefVqQwV
DWLvbEtk9foEbx6aADmEQY2dDdAPf6TkKXBC6SGUYbS3NHIGajkRB/GXaFv4c+S1
2fQUjj46b3xWajzXRvDtFgdNJvmLrWesThLaR4IyfVUe3yKxcu+5IXV1GdpeedNo
1Yc77XF62wXaosyfQGdIkURS63FwlkCh6ozkBrfO+dHVu/XEgkJA7vvP+HMSVv+p
kN7Lo2ZpgyEzfKcq5iJR29ijbN3aDvq6Y5F7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:24 2024 by rpki-client on console-ams.rpki-client.org